Critical CVSS: 9.8 CVE-2015-0843 yubiserver before 0.6 is prone to buffer overflows due to misuse of sprintf.
Critical CVSS: 9.8 CVE-2015-0842 yubiserver before 0.6 is prone to SQL injection issues, potentially leading to an authentication bypass.